Anyone using this version got mDNS working? If YES please tell me how …
I have CCR1009 with 5 vlans that’s connected to my CRS326 switch where all my vlans reside either through ethernet or WiFi
I want my printer that is AirPrint capable and sitting in vlan100 to be accessed by any apple device siting in vlan20
This should be doable with mDNS but in my case the apple devices using vlan20 cannot communicate with the printer.
According to normis configuring mDNS is very simple
on my CCR1009 via terminal I issue:
/ip/dns set mdns-repeat-ifaces=vlan100,vlan20
is there something else thats needs to be configured using mDNS? because this does not work … my apple devices cannot see the AirPrint capable printer
My understanding is that mDNS is crucial for facilitating device discovery and communication within local networks without the need for a dedicated DNS server … but Tik have not explained how that is implemented under RoS … why introduce a new feature without some form of direction that is not puzzling … rhetorically stated …
Basically RouterOS will look for mDNS if configured in /ip/dns, then re-broadcast any mDNS the router gets on ANY of the mDNS interface to ALL of the configuration mDNS interfaces.
So it’s not some flexible mDNS “router”, at this point, it just copies/mirror/repeats everything bi-directionally. The reason why this get more complex is if you want to define “one-way” repeating (i.e. mDNS flows uni-directionally). Right now, basically, you can create ONE mDNS discovery zone, that “shares” everything between the interfaces configured in /ip/dns. Perhaps more is planned, but I think that’s what it does in beta3.
In fairness, I did one test of this… between a remote EoIP to my folk house. If enable this 7.16 mDNS repeat in /ip/dns, I can see and control a Roku TV at least. So we’ll have to wait for Mikrotik to say more on what it should do… All I can see is what a 15 minute tested showed .
The remote EoIP and local network are both just in “LAN” interface-list, so there are no VLAN restrictions. If you restrict VLANs… you have to allow both mDNS for input, and whatever protocol used by the device in forward. That part isn’t changed by repeating mDNS, the firewall still has to allow whatever traffic, even multicast.
While Apple AirPrint should work find being “repeated”. I’m not sure AirPlay works if repeated due to DRM concerns - I dunno for sure (since a HomePod already deal with the apple things). So I didn’t test AirPlay, but that not working, would not be a surprise. i.e. Apple AirPlay may need a src-nat NAT rule between VLANs (for AirPlay) since the source IP is unicast & I believe it enforces that AirPlay MUST be on same LAN. So repeating the mDNS doesn’t help when trying to play music/movie – maybe this has changed. But testing AirPlay with this feature would not be a good “first test”.
Correct, in my test case. There RB1100AHx4 that hangs on my LAN that I use for mainly for testing beta/devices from work. I have one EoIP link on that RB1100 that is a /interface/bridge/port on BOTH sides - it bridges my folk’s remote LAN bridge (from a cAPac that acts as both the AP and router, with an EoIP tunnel (to RB1100)). On the RB1100, there is a /ip/dhcp-client that pull my folk’s LAN IPs on to the RB1100, and one additional port is tagged to same VLAN as EoIP.
It seems to allow you set mDNS repeat on the EoIP interface, but unless both sides had that bridged with an /interface/vlan… I’m not sure there be a use case for repeating EoIP directly. Even though there is EoIP involved, it’s bridged to a LAN/VLAN on both sides - so it’s LAN/VLAN that needs to be included in mDNS repeating.
FWIW, While I have no need for printer between these “sites”… I did verify my Mac on my local LAN see my Mom’s printer, a 100 miles away, after enabling the VLAN associated with the EoIP tunnel in mDNS in /ip/dns… I can printer a web page on my Mom’s inkjet. Without repeating mDNS, the printer would not show up as an option in the Print Dialog. After it I pick the HP in the dropdown.
With the new mDNS Proxy feature, I should just be able to add the 2 VLAN interfaces I want to broadcast between in IP/DNS and it should work correct? I had communication between my phone and Google Nests work with PIM for ages and for some reason it just stopped working so I want to give mDNS a try
The key to success For Me using Tiks mDNS implementation was provided by @victorbayas in the following post
The following Firewall filter rule was all that was needed to get my 2 isolated VLANS to work with my Apple AirPrint capable printer
Wireguard does not support multicast, and mDNS needs multicast… so not possible. The mDNS support in 7.16 is just an “mDNS repeater”, so the resulting “repeated” multicast can not be forwarded over WG.
And why I’ve long argued that /ip/dns should act as mDNS/DNS-SD “Discovery Proxy” to deal with mDNS per RFC-8766. Essentially that means that a regular DNS server can resolve multicast mDNS lookups, so RFC-8766 “discovery proxy” support for unicast DNS is what’s needed for mDNS across subnet to work over WG, and compliant with Bonjour specs
Well… the VPN does need to support multicast & that’s the limiting factor to repeating mDNS. I don’t think L2TP work with new mDNS proxy. So off top of my head, that be GRE+IPSec, EoIP+IPSec and ZeroTier - that should work with new mDNS repeater.
Well… that’s true. But still need EoIP to add the multicast to WG – but you’re right the EoIP can run over an existing WG tunnel (and skip the IPSec stuff that’s built in to EoIP).
Actually, I wonder, it just might work using the new mDNS repeater if:
Both ends use EoIP over the Wireguard link (with no IPSEC).
End A connects it’s EoIP port to the bridge/VLAN of interest.
End B does not connect it’s EoIP port to a bridge - leave it isolated (actually you might need to put a DCHP client on it or set it’s IP statically to have an valid IP address for end A’s subnet).
End B uses the new mDNS repeater with the dangling EoIP and a VLAN or Bridge interface as members.
Just a thought experiment but it might work. I’ll try this experiment myself later when I have some time.
I guess theoretically that might work, but it gets confusing. If you just keep both side EoIP bridged, use new /ip/dns/mdns-repeat on EoIP (+ local LAN/VLAN) on each router, and apply more simplified bridge filter to DROP anything NOT port 5353 from over the bridged EoIP+WG link. And you could further tweak it to be a more generic “multicast bridge over WireGuard” (using EoIP connecting over the WG IPs and bridged to desired LANs) by changing the filter rules to allow more/all multicast.
I have just upgraded my MK to v.7.16, and I’d like to give this new mDNS feature a try.
A Jellyfin container running on my linux server is on VLAN 20, ip 172.16.20.25
My smart TV is on VLAN 30, ip 172.16.30.50. For the time being, the Smart TV can access media on the Jellyfin server only if I put both
on the same VLAN, but I don’t want to do that for several reasons.
So, what should I do to make this mDNS works?
Thank you
.
